Cloud Security – Encryption of data at rest and in motion

There’s a lot of hype about moving to the cloud and it is delivering on its promise of flexibility (51%), availability (50%) and cost reductions (48%). This, as a result of comprehensive research (signup required) in cooperation with the 250,000+ member Information Security Community on LinkedIn conducted by Crowd Research.

But the Cloud is still falling short when it comes to Security, which is still the biggest perceived barrier to cloud adoption. Nine out of ten organizations are very or moderately concerned about cloud security.

The dominant cloud security concerns include unauthorized access (63%), hijacking of accounts (61%), and malicious insiders (43%). Malware, denial of service attacks, and other direct attacks against the cloud provider rank lower on the list of concerns.

Cloud Confidence Builders

The most popular method to close the cloud security gap is the ability to set and enforce consistent cloud security policies (50%). Encryption for data at rest (65%) and in motion (57%) top the list of most effective security controls for data protection in the cloud.

At frevvo, as with any public cloud vendor, we take security very seriously. Most of our customers have relatively limited security expertise and have difficulty performing regular security audits and assessments. In contrast, security is critical for us and all public cloud vendors and we implement multi-layered approaches to security taking into account data centers, storage, networks, backups, audits and policies.

Specifically, when it comes to data privacy at rest and in motion, we take many steps including:

All data at rest is encrypted including databases, backups, replicas, and snapshots.

Employees have no direct access to database servers.

Users’ data and accounts are isolated from undesirable traffic and access.

All access is via TLS cryptographic protocols ensuring that users have a secure connection from their browsers to our services.

Individual user sessions are identified and verified using a unique token created at login and never re-used.

and more …

All this works in concert with the other security layers that we have in place to ensure that you can use frevvo’s Cloud with confidence. And, if you’re still not convinced, we also offer Private and Hybrid Cloud versions. So, security is no longer an excuse for paper/PDF based forms and approvals.